Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Contributor

IP Tables

Overview

A python scripts that takes the output of ip-tables and produces a script with a similar Check Point policy

Instructions

See power point slides in the attached zip.

Code Version

Code version 0.0.0

Tested on version

R80, API version 1.0

NOTICE: By using this sample code you agree to terms and conditions in this Terms and Conditions

...

Tags (2)
3 Replies
Highlighted
Participant

Good morning, I have tested the script and it works very well for the most part, it only gives me problems in one command.

#create in-line layers - one for every chain:
mgmt_cli add layer name sub_policy_INPUT -s id.txt

#create top layer
mgmt_cli add layer name iptables_policy -s id.txt

The add layer command does not exist, but the add access-layer command does exist. I have changed it for the latter.

 

my iptable version is iptables v1.3.5

my CP version is product-version: "Check Point Gaia R80.30 "
os-build: "200"
os-kernel-version: "3.10.0-693cpx86_64"
os-edition: "64-bit"

do you think it will work properly?

 

regards

0 Kudos
Highlighted
Advisor

Without verifying the actual script... if you should run into issues try to modify the login call to specify the api version which should be used ("--version 1"). In this case it would be version 1.0 - if you do not specify this your management server will automatically try to use the latest version (which is 1.5 for R80.30).
0 Kudos
Highlighted
Admin
Admin

This is a script that was developed for R80 (specifically, the first version).
It might need modification for later versions.
0 Kudos